The Configuration tab of each server instance in ODSM enables you to modify
elements of the server configuration. For additional information about managing the configuration that
is specific to a proxy server instance, see Managing the Proxy Configuration With ODSM.

Select a Configuration View

The Configuration tab presents two separate views of the server configuration. To select
a configuration view, click the Select type of view icon and select one of the
following:

Configuration Tree. This is the default view that is displayed and shows all of the server configuration objects for that particular server instance.

All Configuration Objects. This view shows all possible configuration objects for any kind of server instance.

Display Suffix Properties

In the Configuration Tree view, the Configuration tab displays all of the suffixes
that have been configured on the server. You cannot edit a suffix in
this view but you can see the list of network groups and
workflows that expose that suffix.

The properties of the network group are displayed in the right hand pane

You can modify the following properties of the network group:

Enabled. Select or deselect this check box to enable or disable the network group. If you disable a network group, no client requests can be handled by that network group. If you disable the only configured network group, you effectively stop client applications from accessing the backend.

Security Mandatory. Select this option if you require clients to use a secure connection to access this network group. By default, a secure connection is not required.

Priority. In the event of multiple network groups, set priority for this network group. Client requests are handled by the network group with the highest priority, for which the criteria are met. The highest priority a network group can have is 0.

Allowed auth method. Specify the authentication method/s that are allowed between the client and the network group.

Allowed protocol. Specify the protocol/s that are allowed for client connections. If you do not specify a protocol, all protocols are allowed.

Allowed BindDN. Click the Add icon to add one or more bind DNs that are allowed to connect to this network group. Click the Delete icon to remove the bind DNs that should not be accepted by the network group.

Allowed Client. Click the Add icon to add one or more clients that are authorized to access this network group. Clients can be expressed by their IP addresses or their names. If no allowed client list is provided, all clients are allowed, unless they are specifically listed on the denied client list.

Denied Client. Click the Add icon to add one or more clients that are prohibited from accessing this network group. Clients can be expressed by their IP addresses or their names. If no denied client list is provided, all clients are allowed, unless a limitation is set by using the allowed client list.

Workflow. Click the Add icon to add one or more workflows that can be accessed through this network group.

Modify a Workflow Element

A workflow element is the key building block of a workflow process. Workflow
elements define how client requests that are sent to the server are treated.
In a deployment that includes a proxy server, workflow elements are configured for
load balancing or distribution. In a deployment that does not include a proxy
server, workflow elements are configured directly for each backend.

You can modify the properties of an existing workflow element, as follows:

Click on the workflow element, for example userRoot, distrib-we, or load-bal-we1.

The properties of the workflow element are displayed in the right hand pane

The properties that you can edit depend on the type of workflow element that is configured.

For a backend workflow element, you can modify the following basic properties:

Enabled. Select or deselect this check box to enable or disable the workflow element. If you disable a workflow element, you effectively stop client applications from accessing that backend.

Writability Mode. Select Enabled if you want clients to be able to write to the backend. Select Disabled if you do not want clients to be able to write to the backend. Select Internal Only if you want replication changes and internal operations to be written to the backend, but you do not want client applications to write to the backend directly.

Base DN. Specify the base DN(s) for the data that the backend handles. A single backend can be responsible for more than one base DN.

You can also modify the properties of the database and its associated indexes. For a comprehensive list of all configurable properties, and their allowed values, see the Oracle Fusion Middleware Configuration Reference for Oracle Unified Directory.

For a distribution workflow element, you can modify the following properties:

Enabled. Select or deselect this check box to enable or disable the workflow element. If you disable a workflow element, you effectively stop client applications from accessing all partitions that are handled by that distribution element.

Distribution Attribute. Enter the name of the attribute by which you want client requests to be distributed.

Force DN Modify. Specifies whether a modify DN operation is always accepted by the server. If this option is selected, you must configure distribution with a global index catalog because when entries are "moved" the distribution algorithm might not be able to locate them properly.

Global Index Catalog. Select the global index catalog that you want to use with this distribution element. The referenced global index catalog must be enabled before it appears for selection.

For a load balancing workflow element, you can modify the following properties:

Enabled. Select or deselect this check box to enable or disable the workflow element. If you disable a workflow element, you effectively stop client applications from accessing all partitions that are handled by that load balancing element.

Routes. Click the Add icon to add a new load balancing route. For information about configuring the specific route properties, see the Oracle Fusion Middleware Configuration Reference for Oracle Unified Directory.

Modify the General Server Configuration

Certain elements of the general server configuration can be modified by using ODSM.
In the Configuration Tree view, the Configuration tab displays all of the suffixes
that have been configured on the server. You cannot edit a suffix in
this view but you can see the list of network groups and
workflows that expose that suffix.

For a comprehensive list of all configurable properties, and their allowed values, see the Oracle Fusion Middleware Configuration Reference for Oracle Unified Directory.

Modify a Connection Handler

Connection handlers are responsible for accepting connections from clients, reading and parsing requests
submitted by the clients, ensuring that they are processed by the server, and
sending the corresponding responses back to the client. The connection handler manages all
communication with the client and therefore needs to implement support for the associated
protocol.

You can configure all of the connection handler properties by using ODSM, as
follows:

For a comprehensive list of all configurable properties, and their allowed values, see
the Oracle Fusion Middleware Configuration Reference for Oracle Unified Directory.

Modify Logger Properties

Oracle Unified Directory provides several log publishers, or loggers, by default. Any number
of loggers of any type can be defined and active at any
time. This means that you can log to different locations or different types
of repositories and that you can specify various sets of criteria for what
to include in the logs.

You cannot create a new log publisher with ODSM, but you can
modify the properties of an existing log publisher.

To configure logger properties by using ODSM, complete the following steps:

Expand the Loggers element and click on the logger whose properties you want to modify.

The properties of the logger are displayed in the right hand pane. The configurable properties will depend on the type of logger that you have selected. For a comprehensive list of all configurable properties and their allowed values, see the Oracle Fusion Middleware Configuration Reference for Oracle Unified Directory.

Modify Log Rotation Policies

Log rotation policies dictate how often log files are rotated, that is to
say, how long log files are kept based on various criteria.

Oracle Unified Directory provides the following four log rotation policies:

24 Hours time limit rotation policy. By default, this policy sets the rotation interval to one day. Time of day can be configured.

7 Days time limit rotation policy. By default, this policy sets the rotation interval to one week. Time of day can be configured.

Fixed time limit rotation policy. By default, this policy sets the time of day that log files are to be rotated, to one minute before midnight.

Size time limit rotation policy. By default, this policy sets a maximum size that log files can reach to 100 Mb, before the log file is rotated.

The type of log rotation policy that is enabled by default depends
on the logger type.

Size limit retention (size-limit). By default, this policy sets the disk spaced used to a maximum of 500 Mb, for a specified type of log file. By default, the log retention policy enabled is File count retention.

Select the Retention Policies element and modify the required properties.

You can also add a new retention policy or delete an existing
retention policy by clicking the Add or Delete icons on this page, and
completing the required information.

Configure Alerts

Oracle Unified Directory provides mechanisms for transmitting alert and account status notifications by
means of JMX extensions or SMTP extensions. You can configure the directory server
to send alert notifications when an event occurs during processing. Typical server events
include server starts and shut downs, or problems that are detected by the
server, such as an attempt to write to the configuration file. You
can also receive account status notifications when an event occurs during password policy
processing, such as when accounts are locked out, accounts expire, passwords expire, and
so on.